wolfSSL: Implement tls_connection_get_peer_subject()
authorJuliusz Sosinowicz <juliusz@wolfssl.com>
Thu, 26 Aug 2021 09:25:34 +0000 (11:25 +0200)
committerJouni Malinen <j@w1.fi>
Sun, 17 Apr 2022 19:02:36 +0000 (22:02 +0300)
This is needed for EAP-TEAP server implementation.

Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
src/crypto/tls_wolfssl.c

index 56f5e4669017533bd7c015f657e268031210bdaf..0e62aaae4cdee93eee94359ae93b7d0057be0173 100644 (file)
@@ -94,6 +94,7 @@ struct tls_connection {
        WOLFSSL_X509 *peer_cert;
        WOLFSSL_X509 *peer_issuer;
        WOLFSSL_X509 *peer_issuer_issuer;
+       char *peer_subject; /* peer subject info for authenticated peer */
 };
 
 
@@ -336,6 +337,7 @@ void tls_connection_deinit(void *tls_ctx, struct tls_connection *conn)
        os_free(conn->alt_subject_match);
        os_free(conn->suffix_match);
        os_free(conn->domain_match);
+       os_free(conn->peer_subject);
 
        /* self */
        os_free(conn);
@@ -1096,6 +1098,11 @@ static int tls_verify_cb(int preverify_ok, WOLFSSL_X509_STORE_CTX *x509_ctx)
                context->event_cb(context->cb_ctx,
                                  TLS_CERT_CHAIN_SUCCESS, NULL);
 
+       if (depth == 0 && preverify_ok) {
+               os_free(conn->peer_subject);
+               conn->peer_subject = os_strdup(buf);
+       }
+
        return preverify_ok;
 }
 
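Review bot: The result of `os_strdup(buf)` in the added `depth == 0 && preverify_ok` block is not checked, so an allocation failure leaves `conn->peer_subject` NULL while the callback still returns success. tls_connection_get_peer_subject() then returns NULL for a peer whose certificate did verify, which a caller cannot tell apart from a peer that was never authenticated. At minimum log the failure, e.g. `if (!conn->peer_subject) wpa_printf(MSG_DEBUG, "wolfSSL: Failed to store peer subject");`, and consider whether the EAP-TEAP server path should treat it as a verification failure. The stored value is also replaced only on success, so if this callback can run again on the same connection and fail, the earlier subject stays readable. The start of tls_verify_cb, including how `buf` is filled and sized, is outside the hunk.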
@@ -2100,6 +2107,14 @@ void tls_connection_remove_session(struct tls_connection *conn)
 }
 
 
+const char * tls_connection_get_peer_subject(struct tls_connection *conn)
+{
+       if (conn)
+               return conn->peer_subject;
+       return NULL;
+}
+
+
 void tls_connection_set_success_data(struct tls_connection *conn,
                                     struct wpabuf *data)
 {
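Review bot: tls_connection_get_peer_subject() returns a pointer into `conn` without documenting its lifetime. The string is freed in tls_connection_deinit() and freed and replaced in tls_verify_cb() whenever a leaf certificate verifies, so a caller that keeps the pointer past either event reads freed memory. A comment above the function should state this, e.g. `/* Returned string is owned by conn; valid until the next certificate verification or tls_connection_deinit(). Copy it to keep it. */`. The same comment should say that NULL also means no subject has been recorded, not only that `conn` is NULL.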